<?php
/**
 * comments.php
 *
 * comments类
 * @author konakona
 * @date 2009-10-14
 */
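/**
 * Visitor comments: add, delete and paginated listing.
 *
 * Every query in this class is built by string concatenation and sent through
 * the project's mysql wrapper, so each value that reaches a query is either
 * cast to int, validated, or passed through k::escapeSQL() first.
 * NOTE(review): k::escapeSQL(), k::striptags(), k::getip() and k::message()
 * are defined elsewhere; if the mysql wrapper offers prepared statements,
 * prefer them over the quoting done here.
 */
class comments {
	/**
	 * Compare a server-side secret with a submitted value.
	 *
	 * An empty or missing server-side secret never matches: otherwise a request
	 * that simply omits the field would compare equal to an unset session/config
	 * value. The comparison is strict (no numeric-string juggling such as
	 * "0e1" == "0e2") and uses hash_equals() when the runtime provides it.
	 *
	 * @param mixed  $expected value held by the server (session / config)
	 * @param string $given    value submitted by the client
	 * @return bool true only when both are non-empty and identical
	 */
	private static function same_secret($expected, $given){
		if(!is_string($expected) && !is_int($expected)){
			return false;
		}
		$expected = (string)$expected;
		if($expected === '' || !is_string($given)){
			return false;
		}
		if(function_exists('hash_equals')){
			return hash_equals($expected, $given);
		}
		return $expected === $given;
	}
	/**
	 * Read one submitted field as a string.
	 *
	 * @param mixed  $data submitted form data (normally an array)
	 * @param string $key  field name
	 * @return string the value, or '' when the field is absent or not scalar
	 *                (e.g. "name[]=x" arrives as an array)
	 */
	private static function field($data, $key){
		if(!is_array($data) || !isset($data[$key]) || !is_scalar($data[$key])){
			return '';
		}
		return (string)$data[$key];
	}
	/**
	 * Add a comment.
	 *
	 * Checks run in this order: form token (FZAD), name length, captcha code
	 * (secode), e-mail, content length. Each failed check reports through
	 * k::message() and then returns, so a failure can never fall through to the
	 * INSERT even if k::message() does not terminate the request.
	 *
	 * @param array $_post submitted form fields: FZAD, name, secode, email,
	 *                     content, sex, id
	 * @return void
	*/
	public static function comments_add($_post){
		// presumably the anti-CSRF form token; verify against the form template
		$formhash = isset(k::$config['FORMHASH']) ? k::$config['FORMHASH'] : '';
		if(!self::same_secret($formhash, self::field($_post,'FZAD'))){
			k::message('error submit');
			return;
		}
		$fields = array(
			'name'    => self::field($_post,'name'),
			'content' => self::field($_post,'content'),
			'sex'     => self::field($_post,'sex'),
			'email'   => self::field($_post,'email'),
			'id'      => self::field($_post,'id'),
		);
		if(strlen($fields['name'])<2){
			k::message('sorry,please input your name','javascript:history.back();');
			return;
		}
		// A session without a captcha code must fail, not match an empty field.
		// NOTE(review): the code stays in the session after use, so one solved
		// captcha can be replayed; consider clearing it once it has been checked.
		$captcha = isset($_SESSION['konacode']) ? $_SESSION['konacode'] : '';
		if(!self::same_secret($captcha, self::field($_post,'secode'))){
			k::message('sorry,the secode is error');
			return;
		}
		if(!k::check_email($fields['email'])){
			k::message('Email is error');
			return;
		}
		if(strlen($fields['content'])<5){
			k::message('content <5 ');
			return;
		}
		$fields = k::striptags($fields);
		$fields = k::escapeSQL($fields);
		// The address comes from a helper that may read client-supplied headers
		// (not visible here); only a syntactically valid IP is allowed into SQL.
		$ip = filter_var(k::getip(), FILTER_VALIDATE_IP);
		if($ip === false){
			$ip = '';
		}
		// Array keys are quoted: inside {...} an unquoted key is a constant lookup.
		// id is forced to an integer; presumably it is the commented item's id.
		$sql = "INSERT INTO comments values('','{$fields['name']}',".time().",'{$fields['content']}','{$fields['sex']}','{$fields['email']}','{$ip}','".(int)$fields['id']."')";
		mysql::connect()->query($sql);
		k::message('Thank you for your comment!');
	}
	/**
	 * Delete one comment by its cid.
	 *
	 * NOTE(review): no authorisation or form-token check happens in this
	 * method; confirm that every caller restricts it to an authenticated
	 * administrator and is not reachable through a plain GET link.
	 *
	 * @param mixed $id comment id; cast to int before it reaches the query
	 * @return void
	*/
	public static function comments_del($id){
		// cid is unquoted in the statement, so it must be a plain integer
		$sql = "DELETE FROM comments WHERE cid=".(int)$id;
		mysql::connect()->query($sql);
		k::message('这条comments已删除成功','javascript:history.back();');
	}
	/**
	 * List comments, newest first, one page at a time.
	 *
	 * @param int       $pid 1-based page number; values below 1 mean page 1
	 * @param int|false $id  when not false/0, only comments whose fid equals it
	 * @param int       $row rows per page
	 * @return array rows as returned by the mysql wrapper's fetch_all()
	*/
	public static function comments_list($pid,$id=false,$row=10){
		// all three values are interpolated unquoted, so force them to integers
		$pid = max(1,(int)$pid);
		$row = max(0,(int)$row);
		// result is not used here; the call is kept in case it has side effects
		page::tableCount('comments');
		$sql = "select * from comments ";
		if($id!=false) $sql.="where fid=".(int)$id;
		// offset of page N is (N-1)*rows; the former (N-1)+rows-1 was only
		// right for pages 1 and 2
		$sql .=" order by cid desc limit ".(($pid-1)*$row).",$row";
		return mysql::connect()->fetch_all($sql);
	}
}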